Say Goodbye to Passwords & Hello to WebAuthn
bendechrai
WebAuthn registration and login flow

Registration (a), navigator.credentials.create:
1. Server sends challenge
2a. Browser sends challenge and web origin to the Credentials API to create new login
3a. FIDO Security Key generates new public/private keypair, and signs the challenge.
4a. FIDO Security Key returns the new public key and signed challenge to the browser.
5a. The browser passes on the new public key and signed challenge to the server.

Login (b), navigator.credentials.get:
1. Server sends challenge
2b. web origin
3b. FIDO Security Key loads the private key, and signs the challenge.
4b. FIDO Security Key returns the signed challenge to the browser.
5b. The browser passes on the signed challenge to the server.
Phishing relies on fake login pages
[Diagram labels: google.com, Fake, Success, g00g1e.com]
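
The web origin handed to the Credentials API in steps 2a/2b is what a fake login page cannot forge. The following is an added example, not part of the original slides, of the server-side clientDataJSON checks made at step 5a/5b. The expected origin, the sample challenge and the browserClientData helper (a hypothetical stand-in for the browser) are assumptions made for illustration.

```javascript
// Added example: relying-party checks on clientDataJSON (steps 5a/5b).
// EXPECTED_ORIGIN and all sample values are constructed for illustration.
const EXPECTED_ORIGIN = "https://google.com";

const b64url = (buf) => Buffer.from(buf).toString("base64url");

// Hypothetical stand-in for the browser in step 2: the browser, not the
// page's JavaScript, writes the origin into the data the security key signs.
function browserClientData(type, challenge, pageOrigin) {
  const json = JSON.stringify({ type, challenge: b64url(challenge), origin: pageOrigin });
  return Buffer.from(json, "utf8");
}

// Server side: accept only if type, challenge and origin all match what this
// server issued and expects. Signature verification is a separate step and
// is omitted here.
function checkClientData(clientDataJSON, expectedType, issuedChallenge) {
  let data;
  try {
    data = JSON.parse(Buffer.from(clientDataJSON).toString("utf8"));
  } catch {
    data = null;
  }
  if (data === null || typeof data !== "object") {
    return { ok: false, reason: "malformed clientDataJSON" };
  }
  if (data.type !== expectedType) return { ok: false, reason: "wrong type" };
  if (data.challenge !== b64url(issuedChallenge)) return { ok: false, reason: "challenge mismatch" };
  if (data.origin !== EXPECTED_ORIGIN) return { ok: false, reason: "origin mismatch" };
  return { ok: true, reason: "" };
}

// Constructed 16-byte challenge (a real server uses fresh random bytes per request).
const challenge = Uint8Array.from({ length: 16 }, (_, i) => i * 7 + 1);

const genuine = checkClientData(
  browserClientData("webauthn.get", challenge, "https://google.com"), "webauthn.get", challenge);
// A fake login page can relay the real challenge, but the browser records
// the look-alike origin the page was actually served from.
const phished = checkClientData(
  browserClientData("webauthn.get", challenge, "https://g00g1e.com"), "webauthn.get", challenge);
// A response bound to a challenge this server did not issue is rejected too.
const replayed = checkClientData(
  browserClientData("webauthn.get", challenge, "https://google.com"), "webauthn.get", new Uint8Array(16));

console.log({ genuine, phished, replayed });
```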
Multifactor
Passwordless
Phishing Resistant
Performance
Easy to Remember
Hard to Guess/Clone
Easy to Change
Hard to Intercept
Passwords
';--have i been pwned?
SMS
Voice
FIDO Security Key
Access Cards
Authenticator Apps
Push Notifications
PINs
Iris
Client Certificates
Software Engineer for over 20 years
Crazy about Security and Privacy
Developer Advocate at Auth0
Demo Time!
Thank You!
Any Questions?
https://ben.sc/auth0
https://ben.sc/webauthn
ben@dechrai.com